All the difficult terms you can come across Data Protection Bill- Explained
The Personal Data protection bill was introduced in the Lok Sabha and saw some heated debate between the BJP and opposition leaders. Data Protection Law could be a welcome step for India as there is a massive population in India which uses online data. There are so many technical terms related to the bill which we are not aware of . Here are some of the terms you should know which is described in the bill.
Data Protection Authority: A government authority tasked with protecting individual’s data and executing this Act through codes of audits, inquiries, practice, and more. The Data Protection authority has mainly four tasks. It oversees the internal assessments and external audits of the fiduciaries and tracks data security breaches. DPA receives grievances and handles enforcement. It also defines sensitive data, reasonable purposes for processing, forms of consent, and the lawful transfer of data outside of India. DPA conducts research and spread awareness about data protection.
Privacy by design: Developing the business and product with privacy concerns in mind.
Cross Border Transfer: The movement of data across country’s borders.
Data: Information which is represented in a form that is more appropriate for processing.
Data Localisation: Restriction on data that is transferred to other countries.
Personal Data: Those data which can identify an individual.
Non-personal Data: Data that is anonymous.
Data Processing: The analysis of data to obtain patterns by turning raw data into useful information.
Data Processor: The entity that a fiduciary might give the data to third-party data for processing.
Data Principal: The individual whose data is collected and processed.
Data Fiduciary: The entity which collects the data and processes it.
Notice– The fiduciary has to give notice to the principal about the collection of data including the type of data, the purpose of collecting the data, fiduciary contact details, principal rights and others.
Right to data portability: It is the right to receive the data from the fiduciary in a machine-readable format.
Right to correction and erasure: This term means the right of data principal to erase or correct the data.
The Right to be forgotten: It is the right to restrict continuing disclosure of personal data.
Significant data fiduciaries: The DPA labels certain fiduciaries depending upon its data processing, such as volume of data, company turnover, sensitivity of data, newer technologies and risk of harm.
Data protection impact assessment: Internal assessment of fiduciaries.
Data Protection Officer: The representatives of the fiduciaries that communicates with the authority.
Critical Personal Data: The government decides the definition of critical personal data time to time which cannot be taken outside of the country at all.
Sensitive Personal Data: The Data related to health, finance, sex life, official identifiers, sexual orientation, genetics, biometric, transgender status, caste or tribe, intersex status, religious or political belief or affiliation. These data can only be sent abroad with authority approval.
Adjudicating Officers: Officers in the Data Protection Authority with the power to call people forward for inquiry from fiduciaries, determine penalties by assessing compliance on the fiduciary or compensation to the principal are adjudicating officers. The decision of Adjudicating officers can be appealed in the appellate tribunal.
Have a news story, an interesting write-up or simply a suggestion? Write to us at firstname.lastname@example.org